Nytro
Posted September 27, 2013

Blackhat Eu 2013 - A Perfect Crime? Only Time Will Tell

Description: In 2012, security researchers shook the world of security with their CRIME attack against the SSL encryption protocol. The CRIME (Compression Ratio Info-leak Made Easy) attack used an inherent information leakage vulnerability resulting from the HTTP compression usage to defeat SSL's encryption.

However, the CRIME attack had two major practical drawbacks. The first is the attack threat model: the CRIME attacker is required to control the plaintext AND to be able to intercept the encrypted message. This attack model limits the attack to mostly MITM (Man In The Middle) situations.

The second issue is that the CRIME attack was solely aimed at HTTP requests. However, most of the current web does not compress HTTP requests. The few protocols that did support HTTP request compression (SSL compression and SPDY) had dropped their support following the attack details disclosure, thus rendering the CRIME attack irrelevant.

In our work we address these two limitations by introducing the TIME (Timing Info-leak Made Easy) attack for HTTP responses.

By using timing information differential analysis to infer the compressed payload's size, the CRIME attack's attack model can be simplified and its requirements can be loosened.
In TIME's attack model the attacker only needs to control the plaintext, theoretically allowing any malicious site to launch a TIME attack against its innocent visitors, to break SSL encryption and/or Same Origin Policy (SOP).

Changing the target of the attack from HTTP requests to HTTP responses significantly increases the attack surface, as most of the current web utilizes HTTP response compression to save bandwidth and latency.

In particular, we:

- Introduce the TIME attack
- Show an actual POC of timing differential analysis to infer the compressed payload's size and subsequently the cipher-text's underlying plaintext
- Show the relevancy of compression ratio information leakage for HTTP responses
- Suggest mitigation steps against the TIME attack

For more information please visit: Black Hat | Europe 2013 - Briefings

Source: Blackhat Eu 2013 - A Perfect Crime? Only Time Will Tell
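
The compression-ratio leak that the description builds on can be checked locally against a response template. This is an added example, not code from the talk or from the original post; the template, token value and function names are constructed, and it compares body sizes directly instead of inferring them from timing.

```python
import zlib

# Constructed sample data (not from the talk): a page that embeds a secret
# token and also reflects a request-supplied value in the same response body.
SECRET = "9f2c7a1e5b8d4c60a3f1e7d2b4c8a9f0"
TEMPLATE = (
    "<html><body><p>Search results for: {reflected}</p>"
    "<input type='hidden' name='token' value='{secret}'></body></html>"
)


def render(reflected: str) -> bytes:
    """Build the response body for a given reflected value."""
    return TEMPLATE.format(reflected=reflected, secret=SECRET).encode("ascii")


def body_size(reflected: str, compress: bool) -> int:
    """Size on the wire: DEFLATE-compressed, or identity-encoded."""
    body = render(reflected)
    return len(zlib.compress(body, 9)) if compress else len(body)


def length_delta(compress: bool) -> int:
    """Size difference between two equal-length reflected values, one equal
    to the embedded secret and one unrelated."""
    unrelated = "d41b0e96c2f7583a6e0d9b15f3a7204c"  # constructed, same length
    assert len(unrelated) == len(SECRET)
    return body_size(unrelated, compress) - body_size(SECRET, compress)


if __name__ == "__main__":
    print("delta with compression:   ", length_delta(True))
    print("delta without compression:", length_delta(False))
```

A nonzero delta with compression enabled means the response length depends on how the reflected value relates to the secret, and encryption does not hide that length. With identity encoding the two bodies are the same size.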